| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In the Linux kernel, the following vulnerability has been resolved:
IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
Overflowing either addrlimit or bytes_togo can allow userspace to trigger
a buffer overflow of kernel memory. Check for overflows in all the places
doing math on user controlled buffers. |
| In the Linux kernel, the following vulnerability has been resolved:
neighbour: allow NUD_NOARP entries to be forced GCed
IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to
fill up the neighbour table with enough entries that it will overflow for
valid connections after that.
This behaviour is more prevalent after commit 58956317c8de ("neighbor:
Improve garbage collection") is applied, as it prevents removal from
entries that are not NUD_FAILED, unless they are more than 5s old. |
| In the Linux kernel, the following vulnerability has been resolved:
hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations
Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of
temperature calculations") addressed a number of underflow situations
when writing temperature limits. However, it missed one situation, seen
when an attempt is made to set the hysteresis value to MAX_LONG and the
critical temperature limit is negative.
Use clamp_val() when setting the hysteresis temperature to ensure that
the provided value can never overflow or underflow. |
| In the Linux kernel, the following vulnerability has been resolved:
tools/power turbostat: Fix offset overflow issue in index converting
The idx_to_offset() function returns type int (32-bit signed), but
MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number.
The end result is that it hits the if (offset < 0) check in update_msr_sum()
which prevents the timer callback from updating the stat in the background when
long durations are used. The similar issue exists in offset_to_idx() and
update_msr_sum(). Fix this issue by converting the 'int' to 'off_t' accordingly. |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Windows OLE Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability |
